Self-contained instant messaging appliance

ABSTRACT

A system and method are presented for providing an instant messaging (IM) environment. The network includes a plurality of client computer processing systems, a plurality of public IM services and an IM server appliance coupling the client computer systems and the public IM services for one of one-on-one and group communication. The IM server appliance includes an IM server for directing IM communication between the client systems and the public IM services, a message logging for creating a log entry of IM communications, a conferencing server interacting with the IM server to providing multiple user IM conferences, a web providing an administration interface and a plurality of public IM service gateways for translating messages from a native IM protocol employed within the IM appliance to a public IM protocol executing in any of the public IM services.

CROSS-REFERENCE TO RELATED APPLICATION

This patent application claims the benefit of U.S. Provisional PatentApplications Ser. No. 60/482,663, entitled “SELF-CONTAINED INSTANTMESSAGING APPLIANCE”, that was filed on Jun. 26, 2003, and 60/504,648,entitled “SYSTEM AND METHOD FOR CONTROLLING USER ACCESS TO A MESSAGINGSYSTEM”, that was filed on Sep. 19, 2003. The disclosures of these U.S.patent documents are incorporated by referenced in their entireties asif fully set forth herein.

COPYRIGHT NOTICE

A portion of the disclosure of this patent document contains materialwhich is subject to copyright protection. The copyright owner has noobjection to the facsimile reproduction by anyone of the patent documentor the patent disclosure, as it appears in the Patent and TrademarkOffice patent files or records, but otherwise reserves all copyrightrights whatsoever.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates generally to digital communication systemsand, more particularly, to a system, method and apparatus forfacilitating instant messaging (IM).

2. Description of Prior Art

FIG. 1 illustrates a computer processing system 10, as is generallyknown in the art, for executing software applications that allow a userto perform tasks such as, for example, communicating with other computerusers, accessing various computer resources, and viewing, creating, orotherwise manipulating electronic content such as, for example, anycombination of text, images, movies, music or other sounds, animations,three-dimensional works of authorship, and links to other objects. Thecomputer processing system 10 includes various input/output (I/O)devices such as, for example, a mouse 12, keyboard 14, display 16, and ageneral purpose computer 20 having a central processor unit (CPU) 22, anI/O unit 24 and a memory 26 for storing data and various softwareapplications such as, for example, an operating system (O/S) 30 and oneor more application programs (APP1-APP N) shown generally at 32.Typically, the computer 20 includes a communications card or device 40such as, for example, a modem or network adapter, for exchanging datawith a network shown generally at 50, via a communications link 42 suchas, a telephone line. The computer processing system 10 may be apersonal computer, laptop or work station as are known in the art.

Communication between computer processing systems is well known.Networks include two or more computer processing systems located inclose physical proximity to many thousands of computer processingsystems connected in a worldwide network. FIG. 2 is a simplified blockdiagram of a conventional computer processing network, shown generallyat 100. The network 100 includes a plurality of client computerprocessing systems (Client 1-Client N), shown generally at 110 andconfigured in accordance with FIG. 1, coupled to a server 130 through acommunication network 120 such as, for example, the Internet, anintranet or an extranet. Typically, a server is not a single entity(such as is shown at server 130 of FIG. 2), but is a network ofinterconnected server computers, in some embodiments physicallydispersed from each other, each dedicated to a subset of duties and/orto a particular geographical region. In such a case, the individualservers are interconnected by a network of communication links, as isgenerally known in the art.

As shown in FIG. 2, a user of a client system 110 (e.g., Client 1) canaccess electronic content or other resources either stored locally atthe user's own client system (e.g., in memory 26 of computer processingsystem 10) or remotely at one or more server systems 130. An example ofa server system is a host computer that provides subscribers with variesforms of on-line services including digital communication. Users of ahost computer's online services typically communicate with one or morecentral server systems 130 through client software executing on theirrespective client systems 110 (e.g., APP1 executing on computerprocessing system 10).

Different forms of digital communications have recently appeared.Examples of such digital communications includes bulletin board systems,chat rooms and instant messaging (IM). As known to those of skill in theart, the IM environment is defined in RFC 2778 and RFC 2779, which waspublished by the Internet Engineering Task Force (IETF) in Feb. of 2000,the disclosures of which are incorporated by reference herein in theirentireties. The IM environment provides a medium in which digitalcommunications occurs on a near real-time basis between a sender and arecipient, thereby permitting a sender to send and receive “instant”messages to and from a recipient.

IM is generally seen as a less formal method of communicating withindividuals. IM capabilities are seen to be more flexible thatcommunicating via the telephone and/or email. This added flexibility andinformality, however, has lead to some concerns in certain areas ofbusiness. That is, certain business communication and decision makingneeds to be secure, monitored and/or archived for later reference byauthorized persons such as, for example, regulators or auditors. Forexample, businesses within the financial industry are required tosupervise and maintain records of contacts between their employees andconsumers. The Securities and Exchange Commission (SEC) has promulgatedregulations that guide the use of electronic media by brokers anddealers. It is generally believed that such regulations would applywithin the IM environment. Additionally, businesses within thehealthcare industry must comply with regulations promulgated under theHealth Insurance Portability and Accountability Act of 1996 (HIPAA).Certain HIPAA regulations require security mechanisms to guard againstunauthorized access to data that is transmitted over a communicationsnetwork. It is generally believed that such regulations would applywithin the IM environment.

To meet mandates established by these and other governmental regulationson communications, many corporations have struggled to adapt existingelectronic communication systems facilitating IM with security, loggingand other safeguards. The inventors have found many conventional systemsdeficient as they often require coordination of a number of individualsystems to achieve all functions and capabilities required for a desiredIM environment.

Accordingly, the inventors have realized that a need exists for aintegrated, self-contained IM appliance as described herein.

SUMMARY OF THE INVENTION

The above and other objects are achieved by a system and method forproviding an instant messaging (IM) environment as described herein. Thenetwork includes a plurality of client computer processing systems, aplurality of public IM services and an IM server appliance coupling theclient computer systems and the public IM services for one of one-on-oneand group communication. The IM server appliance includes an IM serverfor directing secured and/or unsecured IM communication between theclient systems and the public IM services, message logging for creatinga log entry of IM communications and reporting based thereon, aconferencing server interacting with the IM server to provide multipleuser IM conferences, a web server providing an administration interfaceand a plurality of public IM service gateways for translating messagesfrom a native IM protocol employed within the IM appliance to a publicIM protocol executing in any of the public IM services.

The IM server appliance further includes integrated directory servicesproviding information related to authorized users of the network. In oneembodiment, the directory services are provided by a directory serverincluded within the IM server appliance, e.g., wherein the directoryserver is coupled to and interacts with the IM server. In anotherembodiment, the directory services are provided by an external directoryserver hosted in a system employing the IM appliance to provide the IMenvironment. In this embodiment, the directory services includescapabilities for synchronizing the integrated directory servicesstructure of the IM server appliance with the external directory server.

The IM server appliance also includes access control lists forselectively providing client computer processing systems access to theplurality of public IM services on at least one of a group and per-userbasis.

BRIEF DESCRIPTION OF THE DRAWINGS

The features and advantages of the present invention will be betterunderstood when the Detailed Description of the Preferred Embodimentsgiven below is considered in conjunction with the figures provided,wherein:

FIG. 1 is a block diagram of a conventional computer processing system;

FIG. 2 is a block diagram of a conventional computer processing network;

FIG. 3 is a simplified block diagram of a computer processing networkconstructed and operating for implementing an IM environment inaccordance with one embodiment of the present invention;

FIG. 4 is a flow diagram illustrating transport access control inaccordance with one embodiment of the present invention; and

FIGS. 5 and 6 illustrate graphical user interfaces depicting somefeatures and functions of the software modules of one embodiment of thepresent invention.

In these figures, like structures are assigned like reference numerals,but may not be referenced in the description for all figures.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 3 is a simplified block diagram of a computer processing network200 configured and operating in accordance with one embodiment of thepresent invention to implement techniques, as described herein, forfacilitating an IM environment. As illustrated in FIG. 3, the network200 includes an integrated IM server appliance 210 having hardwareand/or software components, described below, providing secured and/orunsecured IM communication between computer users operating a pluralityof client computer processing systems shown generally at 300 and aplurality of public IM services shown generally at 340 (executingmessage-handling IM client applications such as, for example, AmericaOnline Inc.'s Instant Messenger, Microsoft Corporation's MSN, Yahoo!Inc.'s Instant Messenger or the like) coupled to the network 200 overwired or wireless communication connections for one-on-one communication(e.g., private conversations) or as a group in a virtual conference room(e.g., available to all users of the network 200 or a predeterminedgroup of users). The IM server appliance 210 may perform as one or moreservers and may include (in a single unit of hardware), multiplepre-configured software applications, which may include all componentsnecessary for providing a complete and secure IM environment.

In one embodiment, as illustrated in FIG. 3, the IM server appliance 210includes an IM server 212 connected to a message logging server 214, aconferencing server 216, a web server 218 and a plurality of public IMservice gateways shown generally at 220. The IM server 212 directs allIM communication between the plurality of client computer processingsystems 300 and the plurality of public IM services 340 (e.g., throughthe plurality of public IM service gateways 220). In one embodiment, theIM server 212 is based on an open source Jabber server using an opencommunication protocol such as, for example, XMPP. The message loggingserver 214 is connected to a data store such as, for example, a databasemanagement system (DBMS) 230. Preferably, the DBMS 230 is structured asa relational data base management system. The message logging server 214creates a log entry of all IM communication and stores that entry in theDBMS 230. In one embodiment, the log entry includes, for example, uniqueclient computer user names (e.g., of the sending and receiving parties),location of user (e.g., respective IP addresses), date and time the IMwas sent, status of message (e.g., read, unread, and the like). In oneembodiment, files transferred between users are also stored in the DBMS230. In one embodiment, the data transferred is stored in the DBMS 230and, in another embodiment, the file name and location of the file isstored. It should be appreciated that the DBMS 230 may be implementedas, for example, a server of the Oracle Corporation, a MySQL orPostgreSQL database solution or the like.

It should be appreciated that log entries created and stored by themessage logging server 214 and DBMS 230 are utilized to providereporting features. For example, administrators of the IM appliance 210may query the log entries to gather and track statistics regarding IMcommunication such as, for example, number of messages/chats sent andreceived through out the network and/or by individual users or groups ofusers, status of messages (e.g., number of messages unread), and thelike.

In accordance with well known principles, the IM server 212 and theconferencing server 216 interact to permit multiple user IM conferences.

In accordance with the present invention, the IM server appliance 210permits the transfer of an IM message from a first recipient user to asecond recipient (e.g., a third party such as a transfer from anadministrative assistant to an executive). Generally speaking, thetransfer function is similar to transferring a conventional telephonephone call. In one embodiment, the transfer is accomplished when thefirst recipient user receives a message composed by a sender andinitiates a message (e.g., including the IM message from the sender) tothe second recipient. The second recipient receives the message and thesession continues between the original sender and the second recipient.In one embodiment, the sender of the original message is notified of thetransfer of the IM message. Preferably, the transfer occurs withoutrequiring the original sender to perform any additional action. In oneembodiment, the first recipient transfers a received message to anotherIM or IP address of the first recipient. For example, the firstrecipient may be concurrently logged in on more than one device (e.g., awork station that received the IM message and a portable electronicdevice such as a laptop computing device, personal digital assistant(PDA), cellular telephone or the like) and prefer to conduct and/orcontinue the IM chat at the device that did not originally receive theIM message. In accordance with the present invention, the firstrecipient may transfer the IM message to the second device. In oneembodiment, the IM chat may be automatically transferred in response toa user-defined setting.

User information (e.g., unique user identification, information relatedto uses by IM clients, and other user account information) may be storedin an integrated directory structure such as, for example, a LightweightDirectory Access Protocol (LDAP) compliant directory, as is known in theart, accessible by means of a directory server 222.

In one embodiment, the directory server 222 accesses user informationstored in a directory structure hosted on a different system, where thedifferent system employs the IM appliance 210 to provide its IMenvironment. In this regard, the directory server 222 includescapabilities for synchronizing its integrated directory structure withan external directory. Preferably, the external directory is LDAPcompliant.

In one embodiment, message and presence information are archived in anintegrated relational database management system (not shown) accessibleby means of the directory server 222. In one embodiment, the directoryserver 222 may be implemented as an OpenLDAP, Microsoft ActiveDirectory, Netscape Directory server, or the like.

The web server 218 manages an administration interface for users as wellas controlling components of the appliance according to administrationsettings (e.g., Appache web server, Microsoft IIS, Netscape EnterpriseServer, etc.). A web client computer processing system 310, which may beused to register with the IM appliance 210 via the web server 218, mayutilize any conventional web browser such as, for example, MicrosoftExplorer, Netscape Navigator, and the like, and may be used toadminister and control settings within the IM appliance 210.

In one embodiment, illustrated in FIG. 5, an administrator utilizes agraphical user interface 600 to define access privileges 610 to atransport, e.g., one of the public IM services 340 such as an AIMtransport 620. As shown in FIG. 5, access privileges 610 include, forexample, an option 612 to allow all users access to the subjecttransport (e.g., the AIM transport 620), an option 614 to deny all usersaccess to the subject transport, and a manual option 616 to allow ordeny (by use of a dropdown box setting 618) access to the subjecttransport on a per-user basis. In one embodiment, the per-user access isset by specifying user names within a list box 619 provided on thegraphical user interface 600.

FIG. 6 depicts a Roster Creation graphical user interface 650 of thepresent invention. The Roster Creation interface 650 is anadministrative tool that allows an administrator of the IM appliance 210to “push” a roster (e.g., an IM Contact list) down to an end user. Theroster reside on the IM server 212, and appear on the user's clientapplication as the user logs into the system. In one embodiment, forexample, the Roster Creation tool 650 is used to establish a contactlist for a new employee so that when the employee starts their job tasksthey log on and are provided contact lists that include other membersof, for example, their department, team and the like, without having toadd these people manually as they meet these members. It should beappreciated that a roster may include individual users as well as groupsof users.

The public IM service gateways 220 interact with public IM services 340,and translate messages from a native IM protocol employed within the IMappliance 210 to a public IM protocol such as, for example, theaforementioned IM client services, America Online Inc.'s InstantMessenger, Microsoft Corporation's MSN, or Yahoo! Inc.'s InstantMessenger executing conventional message protocols such as Jabber,SIP/Simple, and SMS. The native IM protocol may be downloaded by the IMclients 300 from the IM appliance 210 once a user has registered withthe system 200. An IM client application (e.g., the native IM protocol)enables users of the IM clients 300 to send and receive messages. In oneembodiment, communications between the IM clients 300 and the IM serverappliance 210 (and/or the public IM services 340) may be encrypted.

As described in detail below, it is within the scope of the present toinclude an ability to manage access to the public IM transports (e.g.,the public IM services 340) in at least one of a user and/or a grouplevel. In conventional systems, administration of public IM transportsis limited to full enablement or disablement, meaning that either theentire user population has access to a public IM service transport oreveryone is forbidden access to the same. In the present invention,administrators (e.g., via the administration web client 310 and webserver 218) may grant and/or deny access to public IM transports toindividual user, a subset of users and/or to the entire population ofusers. In one embodiment, access as described above is accomplished byimplementing access control lists in the protocol translation performedin the public IM service gateways 220.

Communication within the computer processing network 200 is as follows.Communications 400 between the public IM services 340 and the IM servicegateways 220 are conducted using a public IM services and protocols suchas, for example, America Online Inc.'s Instant Messenger, MicrosoftCorporation's MSN, Yahoo! Inc.'s Instant Messenger, or the like.Communications 402 between the IM service gateways 220 and the IM server212, and/or the IM clients 300 are conducted using a native IM protocol,which may be proprietary or an open standard such as, for example,Jabber, XMPP as are generally known. Messages travel in an XML packetfrom clients 300 to the server 212. The server 212 examines the packetand routes it to the intended recipient, e.g., another client 300 or oneof the public IM services 340. In one embodiment, the communications 402are encrypted to prevent access from users outside the IM appliance 210.Communications 404 between the IM server 212, the message logging server214 the conferencing server 216 and the web server are inter-processcommunications utilizing, for example, shared memory, pipes, and thelike. Communications 406 between the web server 218 and theadministration web client 310 is conducted using, for example, a HTTPprotocol for secure web access.

In one embodiment of the present invention, controlling access totransports (e.g., public IM services 340) on a selective basis (e.g.,per-user basis) includes a two-part solution. As illustrated in FIG. 4,the IM appliance 210 includes an access control list (ACL) 500 definingand storing a list of registered users (e.g., registered users beingincluded in a data store 522 monitored by the directory server 222) thatare permitted (e.g., given a privilege) to access one or more of theplurality of public IM services 340 coupled to the IM appliance 210 viathe plurality of public IM service gateways 220. In one embodiment, theACL 500 includes registered users that are not permitted access to apublic IM service 340, which by implication means that all otherregistered users would have access to the corresponding public IMservice. The IM appliance 210 also includes mechanisms 520 and 530,described below, for enforcing the set of access restrictions includedwithin the ACL 500 and registered user data store 522.

In one embodiment, the ACL 500 comprises a database (e.g., implementedin XML) with data entries corresponding to each transport (e.g., each ofthe plurality of public IM services 340), respective registered users,and an access indicator (e.g., noting whether access should be allowedor denied).

In one embodiment of the present invention, the IM appliance 210includes query mechanisms 520 and 530 for invoking the registered userdata store 522 and the ACL 500 for determining whether access to apublic transport is granted (returns a “true” or “yes” value) or denied(returns a “false” or “no” value). For example, and as illustrated inFIG. 4, an IM client 300 requests 502 that the IM appliance 210 grantsaccess to a public IM service 340. The IM appliance 210 invokes thequery mechanism 520 to determine whether the user is registered at therequested IM service 340. If the user is registered (e.g., the query 520returns a “yes” value), access is granted to the Public IM service alongpath 504. If the user is not registered (e.g., the query returns a “no”value), control passes along path 506 where the IM appliance 210 invokesthe ACL query mechanism 530. In one embodiment, the a transport name anduser name (e.g., specific one of the public IM services 340 andregistered user identifier) is provided to the query mechanism 530 whichreturns an indication as to whether access is granted or denied. Ifaccess is denied (query 530 returns a “no” value), control passes alongpaths 508 and 512 where an “access denied” message is provided to therequesting IM client 300. If access is granted (query 530 returns a“yes” value), control passes along paths 510 and 512 where aregistration form is provided to the requesting IM client 300 forcompletion. Once the registration form is provided by the IM client, anentry is made within the registered user data store 522 and therequesting client 300 is provided access to the public IM service 340along path 504 as described above.

It should be appreciated that in accordance with one aspect of thepresent invention the ACL query 530 includes a policy set that isenforced by means of the ACL list 500 accessed directly within thetransport. Accordingly, in one embodiment of the present invention, adetermination is made as to whether or not a user has access to registerwith the transport using a querying mechanism (e.g., mechanism 530) ofthe ACL. If the user has access, registration proceeds as usual.However, if the user does not have access, then a standard registrationform (which the end user client expects to be present, therefore notallowing the request to be ignored) is altered into an “access denied”message box and information the user then tries to submit to or sentthrough the transport is dropped. An advantage to accessing the ACL list500 at the registration phase, as opposed to attempting a proxy-likesetup where all traffic is evaluated on a per-packet basis, is thatsystem load and/or network overhead are significantly decreased.Moreover, embodiments of the present invention make for an extremelyefficient, effective, and innovative way to accomplish access control totransports on a per-user basis.

For example, the ACL lists 500 allows system administrators the abilityto implement, on a per-user basis, a policy for accessing IM transports(e.g., one or more of the public IM services 340. Once the policy isestablished, policy violators (e.g., users attempting or gaining accessto unauthorized IM transports) are denied access to the one or moretransports. Accordingly, the ACL lists 500 allows the systemadministrator to prohibit future access to persons deemed a potentialproblem.

Some features/benefits of the integrated IM server appliance 210include, for example:

-   -   Appliance format: Software integration is complete, no        integration required by the user;    -   Appliance format: the IM server 212, directory server 222,        database 230, public network access 220 and 340, keyword tools,        reporting, roster management, encryption, firewall, IM client,        and administrative tools are all integrated on a single server;    -   Integrated reporting: report on user, group, or corporate usage        statistics;    -   2048 bit encryption: send messages securely;    -   Built in firewall to protect the hardware from unauthorized        intrusion;    -   LDAP directory, for synchronization and full featured user        administration;    -   Compatible with public IM services such as, for example, America        On-Line, Yahoo! Inc., Microsoft Network (MSN), and ICQ instant        messengers;    -   Control access to public IM service 340 on all users, user group        and a per-user basis; and    -   Create and push user rosters to IM clients 300.

Additional features/benefits of the integrated IM server appliance 210include, for example:

-   -   Rapid installation and easy administration saves administrators        time on installation and maintenance;    -   All services are provided by a single vendor reducing vendor        complexity; and    -   All required IM software is bundled on the appliance, allowing        reduced initial and long-term maintenance costs.

Although described in the context of preferred embodiments, it should berealized that a number of modifications to these teachings may occur toone skilled in the art. While the invention has been particularly shownand described with respect to preferred embodiments thereof, it will beunderstood by those skilled in the art that changes in form and detailsmay be made therein without departing from the scope and spirit of theinvention.

1. A computer processing network for providing an instant messaging (IM)environment, said network comprising: a plurality of client computerprocessing systems enabled to send and receive IM communications;connectivity to a plurality of public IM services, said public IMservices being remote from said client computer processing systems andbeing independently configured to enable alternative IM capabilities forexchanges of said IM communications with respect to said client computerprocessing systems, said plurality of public IM services using aplurality of different public IM protocols for exchanging IM messages;and an IM server appliance remote from but operatively coupling saidplurality of client computer processing systems to said plurality ofpublic IM services for at least one of one-on-one and groupcommunication, wherein said IM server appliance includes: an IM serverfor directing said IM communications between said plurality of clientcomputer processing systems and said plurality of public IM services; amessage logging server coupled to said IM server, said message loggingserver creating a log entry of said IM communications and storing saidentry in a data store coupled thereto; and a plurality of public IMservice gateways coupled to said IM server and said public IM services,said public IM service gateways translating messages from a native IMprotocol employed within said IM server appliance to a public IMprotocol executing on said public IM services, wherein said public IMservice gateways are configured to conduct said IM communications withsaid public IM services using said different public IM protocols and toconduct said IM communications with said IM server using said native IMprotocol, such that said IM server directs said IM communications tosaid client computer processing systems employing said native IMprotocol.
 2. The computer processing network of claim 1, wherein saiddata store is comprised of a data base management system.
 3. Thecomputer processing network of claim 2, wherein said data basemanagement system is a relational data base management system.
 4. Thecomputer processing network of claim 1, wherein said log entry includesunique client computer user names of the sending and receiving parties,a location of each user in terms of their respective IP addresses, adate and a time an IM message was sent, and a status of said sent IMmessage.
 5. The computer processing network of claim 4, furtherincluding reporting features for querying said log entries to gather,track and report statistics regarding IM communication within saidnetwork.
 6. The computer processing network of claim 5, wherein saidstatistical reports include (a) a number of messages/chats sent andreceived throughout said network or by individual users and groups ofusers and (b) a number of messages by message status.
 7. The computerprocessing network of claim 1, further including integrated directoryservices providing information related to authorized users of thenetwork.
 8. The computer processing network of claim 7, wherein saiddirectory services are provided by a directory server included withinsaid IM server appliance, said directory server coupled to andinteracting with said IM server.
 9. The computer processing network ofclaim 7, wherein said directory services are provided by an externaldirectory server hosted in a system employing said IM appliance toprovide said IM environment, and wherein said directory services includecapabilities for synchronizing said integrated directory servicesstructure with said external directory server.
 10. The computerprocessing network of claim 1, wherein said IM server appliance furtherincludes access control lists for selectively providing said clientcomputer processing systems access to said plurality of public IMservices on a per-user basis, at least some of said public IM servicesusing IM protocols which are proprietary.
 11. The computer processingnetwork of claim 10, wherein said access control lists include dataentries corresponding to each of said plurality of public IM services,respective registered users, and an access indicator representative ofwhether said respective user's access is one of allowed or denied to apublic IM service.
 12. The computer processing network of claim 1,wherein said IM server appliance further includes a conferencing servercoupled to and interacting with said IM server for providing multipleuser IM conferences.
 13. The computer processing network of claim 1,wherein said IM server appliance further includes a web server coupledto said IM server, said web server providing an administration interfacefor controlling components of said server appliance in accordance withadministration settings.
 14. The computer processing network of claim 1,wherein said IM server includes logic for receiving an IM message from asender to a first recipient and for transferring said received IMmessage from said first recipient to a second recipient.
 15. Thecomputer processing network of claim 1, wherein said IM server includeslogic for receiving an IM message from a sender to a first recipient andfor transferring said received IM message from a first IM address ofsaid first recipient to a second IM address of said first recipient thatis different from said first IM address.
 16. The computer processingnetwork of claim 1, wherein said IM server includes logic for receivingan IM message from a sender to a first recipient and for transferringsaid received IM message from a first IP address of a first computingdevice of said first recipient to a second IP address of a secondcomputing device of said first recipient that is different from saidfirst IP address and said first computing device.
 17. A computerprocessing network for providing an instant messaging (IM) environment,said network comprising: a plurality of client computer processingsystems enabled to send and receive IM communications; connectivity to aplurality of public IM services, said public IM services being remotefrom said client computer processing systems and being independentlyconfigured to enable alternative IM capabilities for exchanges of saidIM communications with respect to said client computer processingsystems, said plurality of public IM services using a plurality ofdifferent public IM protocols for exchanging IM messages; and an IMserver appliance remote from but operatively coupling said plurality ofclient computer systems to said plurality of public IM services for atleast one of one-on-one and group communication, wherein said IM serverappliance includes: an IM server for directing said IM communicationsbetween said plurality of client computer processing systems and saidplurality of public IM services; a message logging server coupled tosaid IM server, said message logging server creating a log entry of IMcommunications and storing said entry in a data store coupled thereto; aconferencing server coupled to and interacting with said IM server forproviding multiple user IM conferences; a web server coupled to said IMserver, said web server providing an administration interface forcontrolling components of said server appliance in accordance withadministration settings; and a plurality of public IM service gatewayscoupled to said IM server and said public IM services, said public IMservice gateways translating messages from a native IM protocol employedwithin said IM appliance to a public IM protocol executing on saidpublic IM services, wherein said public IM service gateways areconfigured to conduct said IM communications with said public IMservices using said different public IM protocols and to conduct said IMcommunications with said IM server using said native IM protocol, suchthat said IM server directs said IM communications to said clientcomputer processing systems employing said native IM protocol.